sysadmin

A 6-post collection

Using Let’s Encrypt TLS Certificates for SMTP, IMAP, and HTTP

One of the greatest advances towards securing the Internet happened on April 12, 2016 when the Internet Security Research Group (ISRG) launched the “Let’s Encrypt” X.509 Transport Layer Security (TLS) (you may recognize it by the older SSL moniker) Certificate Authority. Major sponsors of the ISRG include the Electronic Frontier Foundation (EFF), the Mozilla Foundation, Akamai, and Cisco. The purpose of Let’s Encrypt is to provide free TLS certificates to anyone that can prove they own a domain so that they can secure the communications between their clients and their server through encryption. The service is fully automated and renewals are automated as well, keeping the certificates current and validated. However, securing your website is but one...

Solving Fail2Ban not banning IPs on Ubuntu 16.04

I recently installed Fail2Ban on my personal mail/web host as the number of "bad actors" has climbed a lot in recent years and I no longer felt comfortable just allowing them to pummel my server. I'm writing up another blog post shortly on everything I did and how it all works; however, I had one issue that kept cropping up: Running fail2ban-client status recidive returned the following:

    Status for the jail: recidive
    |- Filter
    |  |- Currently failed: 158
    |  |- Total failed: 741
    |  `- File list: /var/log/fail2ban.log
    `- Actions
       |- Currently banned: 8
       |- Total banned: 8
       `- Banned IP list: 185.127.19.155 203.87.129.135 80.82.77.203 94.102....

Prevent your ServiceNow Developer Instance from being reclaimed

I’m a big ServiceNow fan. I became a bigger fan when they opened up a new Developer Program that included access to a free, personal ServiceNow Instance. Just go to that link, register, and then ask for your Developer Instance. Having a personal instance is amazing, because “back in the day” you’d have to request access to a shared demo Instance. The problem with these is that they were often used as sandboxes by lots of other people, completely wrecking your ability to test ideas or see how something would react. If you wanted to see an out-of-box Instance and compare to yours, you were hosed; these always had modifications to them. Now you don’t have to...

Correcting Invalid sys_class_name Entries in your CMDB

The Problem: A few days ago, we started having strange behavior in our Configuration Management Database (CMDB). When looking at certain classes of Configuration Items (CI) we would see the User Interface (UI) display repeated buttons, and there were no CIs in the List View. Additionally, if you went to the Tables & Columns module and tried to delete all records from cmdb_ci_netgear, the UI would report that the table was already empty (but it wasn’t). Worse still, none of the New or Edit… buttons worked on this List View any longer. The Investigation: Our partner talked internally, and found another consultant who had seen this behavior previously; he informed us that it occurs within CMDB List...

Setting up Automatic Updates for Ubuntu

Keeping your system up to date is the single most important way to prevent security and malware issues. Ubuntu provides nice tools for maintaining your system, but if you manage it via a command line you may be used to seeing:

    3 packages can be updated.
    3 updates are security updates.

This is the Ubuntu system notifying you that it noticed there are 3 packages that have updates available. This check is enabled by default and is part of the **update-motd** system. Some background on how this works will provide insight into the workings of Ubuntu and then we’ll talk about automating those updates. Background: update-motd is a system program introduced in Ubuntu that allows for the...